[webkit-changes] [WebKit/WebKit] 905fdd: texSubImage2D crashed on iOS16 + WebGL2 + large WA...
Kimmo Kinnunen
noreply at github.com
Thu Feb 2 00:40:13 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 905fdd75fe5dbac5f8d4417e4f4e587647e10218
https://github.com/WebKit/WebKit/commit/905fdd75fe5dbac5f8d4417e4f4e587647e10218
Author: Kimmo Kinnunen <kkinnunen at apple.com>
Date: 2023-02-02 (Thu, 02 Feb 2023)
Changed paths:
M Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp
Log Message:
-----------
texSubImage2D crashed on iOS16 + WebGL2 + large WASM memory
https://bugs.webkit.org/show_bug.cgi?id=250558
rdar://104305743
Reviewed by Matt Woodrow.
Adjust the input size from the ArrayBufferView byteLength
to the actual image data size texSubImage2D would use.
Fixes crashes where IPC would copy the whole ArrayBufferView into
the encoding buffer, causing the WP process size to increase.
* Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::validateTexFuncData):
Canonical link: https://commits.webkit.org/259742@main
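
The size adjustment described in the log message, sketched as an added example (not WebKit's code and not part of the commit): it computes how many bytes a width x height upload reads under the OpenGL ES 3.0 pixel-store rules, so a caller can forward only that prefix of a large view. UnpackParams, requiredUploadBytes and bytesToForward are hypothetical names, and bytesPerPixel is assumed to be already derived from format and type.

```cpp
#include <cstdint>
#include <limits>
#include <optional>

// Hypothetical struct mirroring the GL UNPACK_* pixel-store state.
struct UnpackParams {
    uint32_t alignment = 4;  // UNPACK_ALIGNMENT: 1, 2, 4 or 8
    uint32_t rowLength = 0;  // UNPACK_ROW_LENGTH: 0 means "use width"
    uint32_t skipPixels = 0; // UNPACK_SKIP_PIXELS
    uint32_t skipRows = 0;   // UNPACK_SKIP_ROWS
};

using Bytes = std::optional<uint64_t>;

static Bytes checkedMul(uint64_t a, uint64_t b) {
    if (a && b > std::numeric_limits<uint64_t>::max() / a) return std::nullopt;
    return a * b;
}
static Bytes checkedAdd(uint64_t a, uint64_t b) {
    if (b > std::numeric_limits<uint64_t>::max() - a) return std::nullopt;
    return a + b;
}

// Bytes read from the start of the source view for a width x height upload.
// Returns nullopt on arithmetic overflow or an invalid (zero) alignment.
Bytes requiredUploadBytes(uint32_t width, uint32_t height, uint32_t bytesPerPixel,
                          const UnpackParams& p) {
    if (!p.alignment) return std::nullopt;
    if (!width || !height) return uint64_t{0};
    uint64_t rowPixels = p.rowLength ? p.rowLength : width;
    Bytes rowBytes = checkedMul(rowPixels, bytesPerPixel);
    Bytes padded = rowBytes ? checkedAdd(*rowBytes, p.alignment - 1) : std::nullopt;
    if (!padded) return std::nullopt;
    uint64_t stride = *padded / p.alignment * p.alignment; // row pitch, aligned
    // Skipped rows and all but the last row cost a full stride; the last row
    // costs only the skipped pixels plus the pixels actually read.
    Bytes fullRows = checkedMul(stride, uint64_t{p.skipRows} + height - 1);
    Bytes lastRow = checkedMul(uint64_t{p.skipPixels} + width, bytesPerPixel);
    if (!fullRows || !lastRow) return std::nullopt;
    return checkedAdd(*fullRows, *lastRow);
}

// Number of bytes worth forwarding from a view of viewByteLength bytes, or
// nullopt when the view is too small for the upload (a validation error).
Bytes bytesToForward(uint64_t viewByteLength, uint32_t width, uint32_t height,
                     uint32_t bytesPerPixel, const UnpackParams& p) {
    Bytes need = requiredUploadBytes(width, height, bytesPerPixel, p);
    if (!need || *need > viewByteLength) return std::nullopt;
    return need;
}
```

With a view covering a 1 GiB buffer and a 2x2 RGBA8 upload, only 16 bytes need to cross the process boundary.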